Static task
static1
Behavioral task
behavioral1
Sample
29c655dce4734745197244d3981b5346_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target: 29c655dce4734745197244d3981b5346_JaffaCakes118
Size: 180KB
MD5: 29c655dce4734745197244d3981b5346
SHA1: a85f7ed87d32711fd0fecac5ec17efc7b01b6e7c
SHA256: 7023ffb45900e6cce36bbdee342b72ba6fe3295b18be36efe7153253cd906e83
SHA512: 781859fc723144dfc448078f1440cc003cb70bf3316d1d338fd1b11699f60c282b684e672ccbdb324e2334eebefab993e313ffe3e9f362affd0baa19baa6669c
SSDEEP: 3072:qzLyeGfWRyDXyiKq+W2P1TsuBvMW8rABOj2KUVI2:qwfWwD5aW2tAJWCA0SKkI2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29c655dce4734745197244d3981b5346_JaffaCakes118
Files
29c655dce4734745197244d3981b5346_JaffaCakes118.exe windows:4 windows x86 arch:x86
cc71639b7e43ca08167459564276e955
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
HeapAlloc
LoadLibraryExA
MultiByteToWideChar
lstrcmpiA
GetModuleHandleA
InterlockedDecrement
CreateFileA
IsDBCSLeadByte
EnumResourceTypesA
lstrlenW
LoadResource
FindFirstFileExW
FreeLibrary
lstrcpyA
SizeofResource
FindResourceA
lstrcpynA
WideCharToMultiByte
InterlockedIncrement
oleacc
GetOleaccVersionInfo
CreateStdAccessibleObject
gdi32
GetStockObject
Sections
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ